Lucene search
K

200 matches found

Positive Technologies
Positive Technologies
added 2022/09/02 12:0 a.m.5 views

PT-2022-10447 · Qualcomm · Snapdragon

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon affected versions not specified Description: The issue arises due to insufficient validation of ELF headers, leading to an incorrect calculation of buffer size in the boot process. This can result in memory corruption in...

8.4CVSS8.6AI score0.00123EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/05/03 8:15 p.m.4 views

CVE-2022-28793

Given the TEE is compromised and controlled by the attacker, improper state maintenance in StrongBox allows attackers to change Android ROT during device boot cycle after compromising TEE. The patch is applied in Galaxy S22 to prevent change of Android ROT after first initialization at boot time...

4.4CVSS5.9AI score0.00209EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/04/21 12:0 a.m.4 views

The vulnerability of the ChgBootDxeHook driver in Lenovo notebook BIOS microprogramming software allows a malicious actor to execute malicious drivers and applications during the boot process.

The vulnerability of the ChgBootDxeHook driver in Lenovo notebook BIOS microprogramming software relates to the possibility of modifying security boot settings by editing the NVRAM variable. Exploiting this vulnerability allows a hacker to execute malicious drivers and applications during the boo...

6.8CVSS5.6AI score0.02999EPSS
Exploits1References3
NVD
NVD
added 2021/03/24 9:15 p.m.24 views

CVE-2021-1375

Multiple vulnerabilities in the fast reload feature of Cisco IOS XE Software running on Cisco Catalyst 3850, Cisco Catalyst 9300, and Cisco Catalyst 9300L Series Switches could allow an authenticated, local attacker to either execute arbitrary code on the underlying operating system, install and...

7.2CVSS0.00232EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/03/24 8:15 p.m.29 views

CVE-2021-1375 Cisco IOS XE Software Fast Reload Vulnerabilities

Multiple vulnerabilities in the fast reload feature of Cisco IOS XE Software running on Cisco Catalyst 3850, Cisco Catalyst 9300, and Cisco Catalyst 9300L Series Switches could allow an authenticated, local attacker to either execute arbitrary code on the underlying operating system, install and...

6.7CVSS6.9AI score0.00232EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2021/03/24 8:15 p.m.17 views

CVE-2021-1376 Cisco IOS XE Software Fast Reload Vulnerabilities

Multiple vulnerabilities in the fast reload feature of Cisco IOS XE Software running on Cisco Catalyst 3850, Cisco Catalyst 9300, and Cisco Catalyst 9300L Series Switches could allow an authenticated, local attacker to either execute arbitrary code on the underlying operating system, install and...

6.7CVSS7.2AI score0.00232EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/03/24 8:15 p.m.23 views

CVE-2021-1376 Cisco IOS XE Software Fast Reload Vulnerabilities

Multiple vulnerabilities in the fast reload feature of Cisco IOS XE Software running on Cisco Catalyst 3850, Cisco Catalyst 9300, and Cisco Catalyst 9300L Series Switches could allow an authenticated, local attacker to either execute arbitrary code on the underlying operating system, install and...

6.7CVSS6.9AI score0.00232EPSS
Exploits0References1
NVD
NVD
added 2021/03/24 8:15 p.m.10 views

CVE-2021-1449

A vulnerability in the boot logic of Cisco Access Points Software could allow an authenticated, local attacker to execute unsigned code at boot time. The vulnerability is due to an improper check that is performed by the area of code that manages system startup processes. An attacker could exploi...

6.7CVSS0.00265EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2021/03/24 8:6 p.m.10 views

CVE-2021-1453 Cisco IOS XE Software for the Catalyst 9000 Family Arbitrary Code Execution Vulnerability

A vulnerability in the software image verification functionality of Cisco IOS XE Software for the Cisco Catalyst 9000 Family of switches could allow an unauthenticated, physical attacker to execute unsigned code at system boot time. The vulnerability is due to an improper check in the code functi...

6.8CVSS7.2AI score0.00223EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/03/24 8:6 p.m.27 views

CVE-2021-1453 Cisco IOS XE Software for the Catalyst 9000 Family Arbitrary Code Execution Vulnerability

A vulnerability in the software image verification functionality of Cisco IOS XE Software for the Cisco Catalyst 9000 Family of switches could allow an unauthenticated, physical attacker to execute unsigned code at system boot time. The vulnerability is due to an improper check in the code functi...

6.8CVSS6.9AI score0.00223EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/03/24 8:6 p.m.41 views

CVE-2021-1441 Cisco IOS XE Software Hardware Initialization Routines Arbitrary Code Execution Vulnerability

A vulnerability in the hardware initialization routines of Cisco IOS XE Software for Cisco 1100 Series Industrial Integrated Services Routers and Cisco ESR6300 Embedded Series Routers could allow an authenticated, local attacker to execute unsigned code at system boot time. This vulnerability is...

6.7CVSS6.7AI score0.00308EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2021/03/24 12:0 a.m.4 views

PT-2021-2556 · Cisco · Cisco Ios Xe

Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software for Cisco 1100 Series Industrial Integrated Services Routers affected versions not specified Cisco IOS XE Software for Cisco ESR6300 Embedded Series Routers affected versions not specified Description: The issue exists d...

7.2CVSS6.4AI score0.00308EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/03/24 12:0 a.m.6 views

Cisco Cisco Catalyst 9000 数据伪造问题漏洞

The Cisco Catalyst 9000 is a switch from Cisco USA. A security vulnerability exists in the Cisco Catalyst 9000 Family that originates from an improper check in the code function that manages the digital signature verification of the system image file during the initial boot process. An attacker...

7.2CVSS7AI score0.00223EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/03/03 12:0 a.m.4 views

grub2 安全漏洞

grub2 is a Linux system boot program from the GNU community. GRUB2 has a security vulnerability that allows grub to be booted directly if a certificate signing grub is installed into the db. it can then boot any kernel without signature verification...

6.4CVSS6.9AI score0.00466EPSS
Exploits0References6
NVD
NVD
added 2021/02/04 5:15 p.m.16 views

CVE-2021-1136

Multiple vulnerabilities in Cisco Network Convergence System NCS 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for the Cisco 8000 Series Routers could allow an authenticated, local attacker to execute unsigned code during the boot process on...

6.7CVSS0.00204EPSS
Exploits0References1
NVD
NVD
added 2021/02/04 5:15 p.m.18 views

CVE-2021-1244

Multiple vulnerabilities in Cisco Network Convergence System NCS 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for the Cisco 8000 Series Routers could allow an authenticated, local attacker to execute unsigned code during the boot process on...

6.7CVSS0.00204EPSS
Exploits0References1
Prion
Prion
added 2021/02/04 5:15 p.m.25 views

Design/Logic Flaw

Multiple vulnerabilities in Cisco Network Convergence System NCS 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for the Cisco 8000 Series Routers could allow an authenticated, local attacker to execute unsigned code during the boot process on...

4.6CVSS6.6AI score0.00204EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/02/04 5:15 p.m.18 views

Design/Logic Flaw

Multiple vulnerabilities in Cisco Network Convergence System NCS 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for the Cisco 8000 Series Routers could allow an authenticated, local attacker to execute unsigned code during the boot process on...

4.6CVSS6.6AI score0.00204EPSS
Exploits0References1Affected Software1
The Hacker News
The Hacker News
added 2020/12/03 10:59 a.m.7 views

TrickBot Malware Gets UEFI/BIOS Bootkit Feature to Remain Undetected

TrickBot, one of the most notorious and adaptable malware botnets in the world, is expanding its toolset to set its sights on firmware vulnerabilities to potentially deploy bootkits and take complete control of an infected system. The new functionality, dubbed "TrickBoot" by Advanced Intelligence...

5.7AI score
Exploits0
CNVD
CNVD
added 2020/10/26 12:0 a.m.2 views

Cisco FXOS Secure Boot Bypass Vulnerability

Cisco FXOS Software is a set of firewall software from Cisco that runs in Cisco security appliances. Cisco FXOS has a security vulnerability that stems from insufficient protection of the secure boot process. An attacker can exploit the vulnerability to break the chain of trust and inject code in...

7.8CVSS7.1AI score0.00344EPSS
Exploits0References1
Rows per page
Query Builder